Fedora directory users - Sep 2006 - Confusion over admserv_host_ip_check message

Hi folks,

I''m having a lot of problems getting into the console admin to the 
server remotely.

I''m getting this in the admin-serv/logs/error log (I''ve
changed the IPs
below, obviously...they are all the same one FYI):

[Mon Sep 25 08:51:57 2006] [notice] [client xxx.xx.xx.xxx] 
admserv_host_ip_check: ap_get_remote_host could not resolve xxx.xx.xx.xxx
[Mon Sep 25 08:51:57 2006] [warn] [client xxx.xx.xx.xxx] 
admserv_host_ip_check: failed to get host by ip addr [xxx.xx.xx.xxx] - 
check your host and DNS configuration
[Mon Sep 25 08:51:57 2006] [notice] [client xxx.xx.xx.xxx] 
admserv_host_ip_check: Unauthorized host ip=xxx.xx.xx.xxx, connection 
rejected


I tried to use ldapmodify to open up the restriction, per the 
instructions here: 
http://directory.fedora.redhat.com/wiki/Howto:AdminServerLDAPMgmt

..like so:

dn: dn of your admin server config entry
changetype: modify
replace: nsAdminAccessAddresses nsAdminAccessHosts
nsAdminAccessAddresses:
nsAdminAccessHosts:


(I left them blank per this mailing list post: 
http://www.redhat.com/archives/fedora-directory-users/2005-December/msg00343.html)

I''ve checked this doc, but it seems to be about what you can do AFTER 
you get the console running:

http://directory.fedora.redhat.com/wiki/Howto:AdminServerLDAPMgmt

I feel like it''s going to be really simple to fix this, but I just am 
pretty unfamiliar with directory server and LDAP in general.  Thanks for 
any help or instructions--

Best,
Dave

Dave Della Costa wrote:
> 
> http://directory.fedora.redhat.com/wiki/Howto:AdminServerLDAPMgmt
> 
See the section entitled

"How to set the hosts/IP addresses allowed to access the Admin Server"

and pay special attention to the NOTE: about the bug that you are likely
encountering.

David

> Arrggh...I''m trying, but I keep getting this output:
> 
> ldap_modify: No such object
> 
> Any suggestions on what this means?
> 
> David Bogen wrote:
> > Dave Della Costa wrote:
> > 
> >>http://directory.fedora.redhat.com/wiki/Howto:AdminServerLDAPMgmt
> >>
> > 
> > See the section entitled
> > 
> > "How to set the hosts/IP addresses allowed to access the 
> Admin Server"
> > 
> > and pay special attention to the NOTE: about the bug that you are 
> > likely encountering.
It means you''re trying to modify an object that doesn''t exist.
More
detail about what you''re doing would be helpful.

Arrggh...I''m trying, but I keep getting this output:

ldap_modify: No such object

Any suggestions on what this means?

Thanks,
Dave


David Bogen wrote:
> Dave Della Costa wrote:
> 
>>http://directory.fedora.redhat.com/wiki/Howto:AdminServerLDAPMgmt
>>
> 
> See the section entitled
> 
> "How to set the hosts/IP addresses allowed to access the Admin
Server"
> 
> and pay special attention to the NOTE: about the bug that you are likely
> encountering.
> 
> David
> 
> 
> 
> 
> ------------------------------------------------------------------------
> 
> --
> Fedora-directory-users mailing list
> Fedora-directory-users@redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users

Sorry, I''m such a noob at LDAP...I need to do some more reading.

I''m following David Bogen''s instructions and executing the
commands from
the section he gave (which is what I was trying before as well).  It 
looks like this:

server bin # ./ldapmodify -D "cn=directory manager" -w password
dn: some.server.com
changetype: modify
replace: nsAdminAccessHosts nsAdminAccessAddresses
nsAdminAccessHosts:
nsAdminAccessAddresses: 224.0.0.0

modifying entry fortress.parsons.edu
ldap_modify: No such object

server bin #


I thought I was set up, but I guess not?  RTFM would be an appropriate 
response, if you don''t mind pointing me in the direction of a good
doc...

Thanks!

Dave


Morris, Patrick wrote:
>>Arrggh...I''m trying, but I keep getting this output:
>>
>>ldap_modify: No such object
>>
>>Any suggestions on what this means?
>>
>>David Bogen wrote:
>>
>>>Dave Della Costa wrote:
>>>
>>>
>>>>http://directory.fedora.redhat.com/wiki/Howto:AdminServerLDAPMgmt
>>>>
>>>
>>>See the section entitled
>>>
>>>"How to set the hosts/IP addresses allowed to access the 
>>
>>Admin Server"
>>
>>>and pay special attention to the NOTE: about the bug that you are 
>>>likely encountering.
> 
> 
> It means you''re trying to modify an object that doesn''t
exist. More
> detail about what you''re doing would be helpful.

> Sorry, I''m such a noob at LDAP...I need to do some more reading.
> 
> I''m following David Bogen''s instructions and executing
the
> commands from the section he gave (which is what I was trying 
> before as well).  It looks like this:
> 
> server bin # ./ldapmodify -D "cn=directory manager" -w password
> dn: some.server.com
> changetype: modify
> replace: nsAdminAccessHosts nsAdminAccessAddresses
> nsAdminAccessHosts:
> nsAdminAccessAddresses: 224.0.0.0
That DN is incorrect.

See the top of the "How to find the Admin Server configuration entry"
part of that How-To for how to find the correct DN using ldapsearch.

Thanks Patrick!  That was the help I needed.  I''ve got the console up
now.

Best,
Dave


Morris, Patrick wrote:
>>Sorry, I''m such a noob at LDAP...I need to do some more
reading.
>>
>>I''m following David Bogen''s instructions and executing
the
>>commands from the section he gave (which is what I was trying 
>>before as well).  It looks like this:
>>
>>server bin # ./ldapmodify -D "cn=directory manager" -w
password
>>dn: some.server.com
>>changetype: modify
>>replace: nsAdminAccessHosts nsAdminAccessAddresses
>>nsAdminAccessHosts:
>>nsAdminAccessAddresses: 224.0.0.0
> 
> 
> That DN is incorrect.
> 
> See the top of the "How to find the Admin Server configuration
entry"
> part of that How-To for how to find the correct DN using ldapsearch.
> 
> --
> Fedora-directory-users mailing list
> Fedora-directory-users@redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users